package com.snoweagler.config;


import com.snoweagler.userdetails.CustomUserDetailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.annotation.Resource;
import java.util.List;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    @Qualifier("customUserDetailService")
    private UserDetailsService userDetailsService;
    @Resource
    private AuthentionSuccessFilter authentionSuccessFilter;
    @Resource
    private AuthentionFailurFilter authentionFailurFilter;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin().loginPage("/login")
                .successHandler(authentionSuccessFilter)
                .failureHandler(authentionFailurFilter)
                .and()
                .rememberMe()
                .and()
                .authorizeRequests() //对请求的路径进行认证
                .antMatchers("/login.html", "/login","/imageCode/image").permitAll() //需要放过的页面
                .anyRequest().authenticated() //其他的全部都需要认证
                .and()
                .logout().permitAll() //放过退出请求
        ;
        http.csrf().disable(); // 关闭CSRF跨域
    }

    @Bean
    public UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager userDetailsManager = new InMemoryUserDetailsManager();
        List<GrantedAuthority> authorities = AuthorityUtils.commaSeparatedStringToAuthorityList("admin,develop");
        String password = new BCryptPasswordEncoder().encode("123456");//加密工具
        userDetailsManager.createUser(new User("zhangsan", password, authorities));
        userDetailsManager.createUser(new User("lisi", password, authorities));
        userDetailsManager.createUser(new User("wangwu", password, authorities));
        return userDetailsManager;
    }
//
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }
    @Bean
    public UserDetailsService customUserDetailService(){
        return new CustomUserDetailService();
    }
}
